<!doctype html>
<html lang="en">
 <head> 
  <meta charset="UTF-8"> 
  <meta name="description" content="燎火的个人博客"> 
  <meta name="keyword" content="燎火,qq799378666,软件开发,java,c#,js,html,html5,css"> 
  <title>shiro入门实例</title> 
  <script src="/js/jquery-1.11.1.min.js"></script> 
  <script src="/js/bootstrap-3.3.5/js/bootstrap.js"></script> 
  <link href="/js/bootstrap-3.3.5/css/bootstrap.css" rel="stylesheet"> 
  <script src="/js/base.js"></script> 
  <script src="/js/nav.js"></script> 
  <script src="/js/jquery.toTop.min.js"></script> 
  <link href="/style/article.css" rel="stylesheet"> 
 </head> 
 <body> 
  <div id="main"> 
   <h3 id="title">shiro入门实例</h3> 
   <div id="content">
    <p><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">简介： Shiro 是一个 Apache Incubator 项目，旨在简化身份验证和授权。是一个很不错的安全框架。&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">下面记录一下shiro和Spring整合的过程的一个小示例：&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">Web.xml配置&nbsp;</span><br></p>
    <p>Xml代码&nbsp;&nbsp;<a title="收藏这段代码" style="color: rgb(16, 138, 198); text-decoration: underline;"><img class="star" src="http://hnbcjzj.iteye.com/images/icon_star.png" alt="收藏代码"></a></p>
    <ol class="dp-xml list-paddingleft-2" style="font-size: 1em; line-height: 1.4em; margin-bottom: 1px; padding: 2px 0px; border: 1px solid rgb(209, 215, 220); list-style-position: initial; list-style-image: initial; color: rgb(43, 145, 175);">
     <li><p><span style="color: black;"><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">context-param</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">param-name</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>contextConfigLocation<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">param-name</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">param-value</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>classpath:applicationContext.xml,classpath:spring-shiro.xml<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">param-value</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">context-param</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="comments" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&lt;!--&nbsp;apache&nbsp;shiro权限&nbsp;--&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">filter</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">filter-name</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>shiroFilter<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">filter-name</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">filter-class</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>org.springframework.web.filter.DelegatingFilterProxy<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">filter-class</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">init-param</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">param-name</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>targetFilterLifecycle<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">param-name</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">param-value</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>true<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">param-value</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">init-param</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">filter</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">filter-mapping</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">filter-name</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>shiroFilter<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">filter-name</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">url-pattern</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>*.do<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">url-pattern</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">filter-mapping</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">filter-mapping</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">filter-name</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>shiroFilter<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">filter-name</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">url-pattern</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>*.jsp<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">url-pattern</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">filter-mapping</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
    </ol>
    <p><br><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">第一部分是将shiro的配置文件引入到web.xml中，我这里是spring-shiro.xml；&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">下面的是一个过滤器，过滤.do,.jsp的请求,引入shiro web.xml就配这么多。&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">spring-shiro.xml配置文件&nbsp;</span><br></p>
    <p>Xml代码&nbsp;&nbsp;<a title="收藏这段代码" style="color: rgb(16, 138, 198); text-decoration: underline;"><img class="star" src="http://hnbcjzj.iteye.com/images/icon_star.png" alt="收藏代码"></a></p>
    <ol class="dp-xml list-paddingleft-2" style="font-size: 1em; line-height: 1.4em; margin-bottom: 1px; padding: 2px 0px; border: 1px solid rgb(209, 215, 220); list-style-position: initial; list-style-image: initial; color: rgb(43, 145, 175);">
     <li><p><span style="color: black;"><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;?</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">xml</span>&nbsp;<span class="attribute" style="color: red;">version</span>=<span class="attribute-value" style="color: blue;">"1.0"</span>&nbsp;<span class="attribute" style="color: red;">encoding</span>=<span class="attribute-value" style="color: blue;">"UTF-8"</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">?&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">beans</span>&nbsp;<span class="attribute" style="color: red;">xmlns</span>=<span class="attribute-value" style="color: blue;">"http://www.springframework.org/schema/beans"</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="attribute" style="color: red;">xmlns:xsi</span>=<span class="attribute-value" style="color: blue;">"http://www.w3.org/2001/XMLSchema-instance"</span>&nbsp;<span class="attribute" style="color: red;">xmlns:util</span>=<span class="attribute-value" style="color: blue;">"http://www.springframework.org/schema/util"</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="attribute" style="color: red;">xsi:schemaLocation</span>="http://www.springframework.org/schema/beans&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;http://www.springframework.org/schema/beans/spring-beans-3.0.xsd&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;http://www.springframework.org/schema/util&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;http://www.springframework.org/schema/util/spring-util-3.0.xsd"<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">description</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>Shiro&nbsp;配置<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">description</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">bean</span>&nbsp;<span class="attribute" style="color: red;">id</span>=<span class="attribute-value" style="color: blue;">"shiroFilter"</span>&nbsp;<span class="attribute" style="color: red;">class</span>=<span class="attribute-value" style="color: blue;">"org.apache.shiro.spring.web.ShiroFilterFactoryBean"</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">property</span>&nbsp;<span class="attribute" style="color: red;">name</span>=<span class="attribute-value" style="color: blue;">"securityManager"</span>&nbsp;<span class="attribute" style="color: red;">ref</span>=<span class="attribute-value" style="color: blue;">"securityManager"</span>&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">/&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">property</span>&nbsp;<span class="attribute" style="color: red;">name</span>=<span class="attribute-value" style="color: blue;">"loginUrl"</span>&nbsp;<span class="attribute" style="color: red;">value</span>=<span class="attribute-value" style="color: blue;">"/login.jsp"</span>&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">/&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">property</span>&nbsp;<span class="attribute" style="color: red;">name</span>=<span class="attribute-value" style="color: blue;">"successUrl"</span>&nbsp;<span class="attribute" style="color: red;">value</span>=<span class="attribute-value" style="color: blue;">"/login.jsp"</span>&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">/&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">property</span>&nbsp;<span class="attribute" style="color: red;">name</span>=<span class="attribute-value" style="color: blue;">"unauthorizedUrl"</span>&nbsp;<span class="attribute" style="color: red;">value</span>=<span class="attribute-value" style="color: blue;">"/error/noperms.jsp"</span>&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">/&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">property</span>&nbsp;<span class="attribute" style="color: red;">name</span>=<span class="attribute-value" style="color: blue;">"filterChainDefinitions"</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">value</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;/login.jsp*&nbsp;=&nbsp;anon&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;/login.do*&nbsp;=&nbsp;anon&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;/index.jsp*=&nbsp;anon&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;/error/noperms.jsp*=&nbsp;anon&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;/*.jsp*&nbsp;=&nbsp;authc&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;/*.do*&nbsp;=&nbsp;authc&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">value</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">property</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">bean</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">bean</span>&nbsp;<span class="attribute" style="color: red;">id</span>=<span class="attribute-value" style="color: blue;">"securityManager"</span>&nbsp;<span class="attribute" style="color: red;">class</span>=<span class="attribute-value" style="color: blue;">"org.apache.shiro.web.mgt.DefaultWebSecurityManager"</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="comments" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&lt;!--设置自定义realm&nbsp;--&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">property</span>&nbsp;<span class="attribute" style="color: red;">name</span>=<span class="attribute-value" style="color: blue;">"realm"</span>&nbsp;<span class="attribute" style="color: red;">ref</span>=<span class="attribute-value" style="color: blue;">"monitorRealm"</span>&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">/&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">bean</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">bean</span>&nbsp;<span class="attribute" style="color: red;">id</span>=<span class="attribute-value" style="color: blue;">"lifecycleBeanPostProcessor"</span>&nbsp;<span class="attribute" style="color: red;">class</span>=<span class="attribute-value" style="color: blue;">"org.apache.shiro.spring.LifecycleBeanPostProcessor"</span>&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">/&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="comments" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&lt;!--自定义Realm&nbsp;继承自AuthorizingRealm&nbsp;--&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">bean</span>&nbsp;<span class="attribute" style="color: red;">id</span>=<span class="attribute-value" style="color: blue;">"monitorRealm"</span>&nbsp;<span class="attribute" style="color: red;">class</span>=<span class="attribute-value" style="color: blue;">"com.springmvc.service.MonitorRealm"</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">bean</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="comments" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&lt;!--&nbsp;securityManager&nbsp;--&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">bean</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="attribute" style="color: red;">class</span>=<span class="attribute-value" style="color: blue;">"org.springframework.beans.factory.config.MethodInvokingFactoryBean"</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">property</span>&nbsp;<span class="attribute" style="color: red;">name</span>=<span class="attribute-value" style="color: blue;">"staticMethod"</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="attribute" style="color: red;">value</span>=<span class="attribute-value" style="color: blue;">"org.apache.shiro.SecurityUtils.setSecurityManager"</span>&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">/&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">property</span>&nbsp;<span class="attribute" style="color: red;">name</span>=<span class="attribute-value" style="color: blue;">"arguments"</span>&nbsp;<span class="attribute" style="color: red;">ref</span>=<span class="attribute-value" style="color: blue;">"securityManager"</span>&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">/&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">bean</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="comments" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&lt;!--&nbsp;Enable&nbsp;Shiro&nbsp;Annotations&nbsp;for&nbsp;Spring-configured&nbsp;beans.&nbsp;Only&nbsp;run&nbsp;after&nbsp;--&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="comments" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&lt;!--&nbsp;the&nbsp;lifecycleBeanProcessor&nbsp;has&nbsp;run:&nbsp;--&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">bean</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="attribute" style="color: red;">class</span>=<span class="attribute-value" style="color: blue;">"org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="attribute" style="color: red;">depends-on</span>=<span class="attribute-value" style="color: blue;">"lifecycleBeanPostProcessor"</span>&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">/&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">bean</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="attribute" style="color: red;">class</span>=<span class="attribute-value" style="color: blue;">"org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor"</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">property</span>&nbsp;<span class="attribute" style="color: red;">name</span>=<span class="attribute-value" style="color: blue;">"securityManager"</span>&nbsp;<span class="attribute" style="color: red;">ref</span>=<span class="attribute-value" style="color: blue;">"securityManager"</span>&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">/&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">bean</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&lt;/</span><span class="tag-name" style="color: rgb(0, 102, 153); font-weight: bold;">beans</span><span class="tag" style="color: rgb(0, 102, 153); font-weight: bold;">&gt;</span>&nbsp;&nbsp;</span></p></li>
    </ol>
    <p><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">这里不想说太多，我这里没什么特别的，很多都是用的shiro自己的原有的，只有一个realm是我自己定义的，可能自己定义的会更好用点吧，如果不用自己定义的就用shiro的jdbcrealm，我自定义的也是跟jdbcrealm差不多的，后面我们再说我的自定义realm。另外就是给页面指定过滤器&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">/login.jsp* = anon /login.do* = anon /index.jsp*= anon /error/noperms.jsp*= anon /*.jsp* = authc /*.do* = authc</span></p>
    <table class="bbcode">
     <tbody>
      <tr class="firstRow"></tr>
     </tbody>
    </table>
    <p><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">Anon：不指定过滤器,不错是这个过滤器是空的，什么都没做，跟没有一样。&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">Authc:验证，这些页面必须验证后才能访问，也就是我们说的登录后才能访问。&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">这里还有其他的过滤器，我没用，比如说授权，这个比较重要，但是这个过滤器有个不好的地方，就是要带一个参数，所以如果配在这里就不是很合适，因为每个页面，或是.do的权限不一样，而我们也没法事先知道他需要什么权限。所以这里不配，我们在代码中再授权。这里.do和.jsp后面的*表示参数，比如login.jsp?main这种，是为了匹配这种。好行了，继续往下吧。&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">验证：&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">验证我们就弄一个登录页面，然后提交到后台的action&nbsp;</span><br></p>
    <p>Java代码&nbsp;&nbsp;<a title="收藏这段代码" style="color: rgb(16, 138, 198); text-decoration: underline;"><img class="star" src="http://hnbcjzj.iteye.com/images/icon_star.png" alt="收藏代码"></a></p>
    <ol class="dp-j list-paddingleft-2" style="font-size: 1em; line-height: 1.4em; margin-bottom: 1px; padding: 2px 0px; border: 1px solid rgb(209, 215, 220); list-style-position: initial; list-style-image: initial; color: rgb(43, 145, 175);">
     <li><p><span style="color: black;"><span class="annotation" style="color: rgb(100, 100, 100);">@RequestMapping</span>(params&nbsp;=&nbsp;<span class="string" style="color: blue;">"main"</span>)&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">public</span>&nbsp;ModelAndView&nbsp;login(User&nbsp;user,HttpSession&nbsp;session,&nbsp;HttpServletRequest&nbsp;request)&nbsp;{&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ModelAndView&nbsp;modelView&nbsp;=&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">new</span>&nbsp;ModelAndView();&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Subject&nbsp;currentUser&nbsp;=&nbsp;SecurityUtils.getSubject();&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;UsernamePasswordToken&nbsp;token&nbsp;=&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">new</span>&nbsp;UsernamePasswordToken(&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;user.getUsercode(),&nbsp;EncryptUtils.encryptMD5(user.getPassword()));&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;token.setRememberMe(<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">true</span>);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">try</span>&nbsp;{&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;currentUser.login(token);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;}&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">catch</span>&nbsp;(AuthenticationException&nbsp;e)&nbsp;{&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;modelView.addObject(<span class="string" style="color: blue;">"message"</span>,&nbsp;<span class="string" style="color: blue;">"login&nbsp;errors"</span>);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;modelView.setViewName(<span class="string" style="color: blue;">"/login"</span>);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;e.printStackTrace();&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;}&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">if</span>(currentUser.isAuthenticated()){&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;session.setAttribute(<span class="string" style="color: blue;">"userinfo"</span>,&nbsp;user);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;modelView.setViewName(<span class="string" style="color: blue;">"/main"</span>);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;}<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">else</span>{&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;modelView.addObject(<span class="string" style="color: blue;">"message"</span>,&nbsp;<span class="string" style="color: blue;">"login&nbsp;errors"</span>);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;modelView.setViewName(<span class="string" style="color: blue;">"/login"</span>);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;}&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">return</span>&nbsp;modelView;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;}&nbsp;&nbsp;</span></p></li>
    </ol>
    <p><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">这里我用的是spring MVC,你不用管他用什么mvc，我们只要知道，前台.do登录以后进入这个方法就行&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">Subject currentUser = SecurityUtils.getSubject()&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">;就是代表当前的用户。&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">UsernamePasswordToken token = new UsernamePasswordToken( user.getUsercode(),EncryptUtils.encryptMD5(user.getPassword()));&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">这里的token大家叫他令牌，也就相当于一张表格，你要去验证，你就得填个表，里面写好用户名密码，交给公安局的同志给你验证。&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">currentUser.login(token);&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">这句是提交申请，验证能不能通过，也就是交给公安局同志了。这里会回调reaml里的一个方法&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">protected AuthenticationInfo doGetAuthenticationInfo（）&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">验证是否通过&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">if(currentUser.isAuthenticated())&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">通过则转到你的页面，不通过到login页面并返回错误信息。&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">现在我们看看我们的reaml类，这是一个自定义的realm，&nbsp;</span><br></p>
    <p>Java代码&nbsp;&nbsp;<a title="收藏这段代码" style="color: rgb(16, 138, 198); text-decoration: underline;"><img class="star" src="http://hnbcjzj.iteye.com/images/icon_star.png" alt="收藏代码"></a></p>
    <ol class="dp-j list-paddingleft-2" style="font-size: 1em; line-height: 1.4em; margin-bottom: 1px; padding: 2px 0px; border: 1px solid rgb(209, 215, 220); list-style-position: initial; list-style-image: initial; color: rgb(43, 145, 175);">
     <li><p><span style="color: black;"><span class="annotation" style="color: rgb(100, 100, 100);">@Service</span>(<span class="string" style="color: blue;">"monitorRealm"</span>)&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">public</span>&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">class</span>&nbsp;MonitorRealm&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">extends</span>&nbsp;AuthorizingRealm&nbsp;{&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">/*</span>&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;*&nbsp;@Autowired&nbsp;UserService&nbsp;userService;</span>&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;*&nbsp;</span>&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;*&nbsp;@Autowired&nbsp;RoleService&nbsp;roleService;</span>&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;*&nbsp;</span>&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;*&nbsp;@Autowired&nbsp;LoginLogService&nbsp;loginLogService;</span>&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;*/</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">public</span>&nbsp;MonitorRealm()&nbsp;{&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">super</span>();&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;}&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="annotation" style="color: rgb(100, 100, 100);">@Override</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">protected</span>&nbsp;AuthorizationInfo&nbsp;doGetAuthorizationInfo(&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;PrincipalCollection&nbsp;principals)&nbsp;{&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">/*&nbsp;这里编写授权代码&nbsp;*/</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Set&lt;String&gt;&nbsp;roleNames&nbsp;=&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">new</span>&nbsp;HashSet&lt;String&gt;();&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Set&lt;String&gt;&nbsp;permissions&nbsp;=&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">new</span>&nbsp;HashSet&lt;String&gt;();&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;roleNames.add(<span class="string" style="color: blue;">"admin"</span>);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;permissions.add(<span class="string" style="color: blue;">"user.do?myjsp"</span>);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;permissions.add(<span class="string" style="color: blue;">"login.do?main"</span>);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;permissions.add(<span class="string" style="color: blue;">"login.do?logout"</span>);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SimpleAuthorizationInfo&nbsp;info&nbsp;=&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">new</span>&nbsp;SimpleAuthorizationInfo(roleNames);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;info.setStringPermissions(permissions);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">return</span>&nbsp;info;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;}&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="annotation" style="color: rgb(100, 100, 100);">@Override</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">protected</span>&nbsp;AuthenticationInfo&nbsp;doGetAuthenticationInfo(&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;AuthenticationToken&nbsp;authcToken)&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">throws</span>&nbsp;AuthenticationException&nbsp;{&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">/*&nbsp;这里编写认证代码&nbsp;*/</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;UsernamePasswordToken&nbsp;token&nbsp;=&nbsp;(UsernamePasswordToken)&nbsp;authcToken;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">//&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;User&nbsp;user&nbsp;=&nbsp;securityApplication.findby(upToken.getUsername());</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;User&nbsp;user&nbsp;=&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">new</span>&nbsp;User();&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;user.setUsercode(token.getUsername());&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;user.setUserName(<span class="string" style="color: blue;">"admin"</span>);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;user.setPassword(EncryptUtils.encryptMD5(<span class="string" style="color: blue;">"admin"</span>));&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">//&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;if&nbsp;(user&nbsp;!=&nbsp;null)&nbsp;{</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">return</span>&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">new</span>&nbsp;SimpleAuthenticationInfo(user.getUserName(),&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;user.getPassword(),&nbsp;getName());&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;}&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">public</span>&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">void</span>&nbsp;clearCachedAuthorizationInfo(String&nbsp;principal)&nbsp;{&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SimplePrincipalCollection&nbsp;principals&nbsp;=&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">new</span>&nbsp;SimplePrincipalCollection(&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;principal,&nbsp;getName());&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;clearCachedAuthorizationInfo(principals);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;}&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">}&nbsp;&nbsp;</span></p></li>
    </ol>
    <p><br><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">这里我没有跟数据库打交道，如果要跟数据库打交道很简单，你调用一个service,service再调dao，根据用户名去打该用户的密码。用户我们可以前面的令牌也就是我说的表格来取的，我们前台提交给公安同志一个表格，里面有用户密码，但需要注意的是，我们在这里并不把表格中的用户密码路数据库中的用户密码进行比较，我们只是根据表格中的用户名把密码查出来，然后把数据库的用户密码放在一个SimpleAuthenticationInfo对象中返回即可，这位公安同志不负责验证，只负责验证的材料。我这里没有查库，伪造了一个用户密码放入了对象。密码是admin。什么时候验证，就是我们前面调currentUser.isAuthenticated()时验证，所有的材料都全了，需要验证的时候就调一下这个方法就可以了。我们前面spring里配了这个&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">/*.jsp* = authc&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">/*.do* = authc&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">你配了authc过滤器，shiro会自动调currentUser.isAuthenticated()这个方法，没有登录的将被返回&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">&lt;property name="unauthorizedUrl" value="/error/noperms.jsp" /&gt;&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">配置的页面。&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">好到这里登录就算是完成了。完成了登录下面就是要授权了，我们已经登录系统，我进入系统总要做点什么吧，比如这个系统就是一个公司的话，我现在已经进入公司了，如果我要进办公室，还得要授权(假如有门禁的话)刷卡。这们就里就是访问某个页面或是某个.do，&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">授权：&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">因为前面我们只配了验证过滤器，现在已经登录系统，如果我们请求一个*.do的话就会来到后台的action，我们授权也将在这里授。&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">Java代码&nbsp;</span><br></p>
    <p>Java代码&nbsp;&nbsp;<a title="收藏这段代码" style="color: rgb(16, 138, 198); text-decoration: underline;"><img class="star" src="http://hnbcjzj.iteye.com/images/icon_star.png" alt="收藏代码"></a></p>
    <ol class="dp-j list-paddingleft-2" style="font-size: 1em; line-height: 1.4em; margin-bottom: 1px; padding: 2px 0px; border: 1px solid rgb(209, 215, 220); list-style-position: initial; list-style-image: initial; color: rgb(43, 145, 175);">
     <li><p><span style="color: black;"><span class="annotation" style="color: rgb(100, 100, 100);">@Controller</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="annotation" style="color: rgb(100, 100, 100);">@RequestMapping</span>(value=<span class="string" style="color: blue;">"user"</span>)&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">public</span>&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">class</span>&nbsp;UserController&nbsp;{&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">/**</span>&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;*&nbsp;跳转到myjsp页面</span>&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;*&nbsp;</span>&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;*&nbsp;@return</span>&nbsp;</span></p></li>
     <li><p><span style="color: black;"><span class="comment" style="color: rgb(0, 130, 0); padding: 0px; margin: 0px; width: auto; border: 0px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;*/</span>&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="annotation" style="color: rgb(100, 100, 100);">@RequestMapping</span>(params&nbsp;=&nbsp;<span class="string" style="color: blue;">"myjsp"</span>)&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">public</span>&nbsp;String&nbsp;home()&nbsp;{&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Subject&nbsp;currentUser&nbsp;=&nbsp;SecurityUtils.getSubject();&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">if</span>(currentUser.isPermitted(<span class="string" style="color: blue;">"user.do?myjsp"</span>)){&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">return</span>&nbsp;<span class="string" style="color: blue;">"/my"</span>;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;}<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">else</span>{&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">return</span>&nbsp;<span class="string" style="color: blue;">"error/noperms"</span>;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;}&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;}&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">}&nbsp;&nbsp;</span></p></li>
    </ol>
    <p><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">我一直都说action，其实spring mvc里不再是action了，叫controller，我们这里的home方法的访问路径是user.do?myjsp，也就是我们登录系统后请求一个这个方法user.do?myjsqp,转到home方法后，我要看他有没有权限访问此方法，我就用下面的代码&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">Subject currentUser = SecurityUtils.getSubject();&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">currentUser.isPermitted("user.do?myjsp");&nbsp;</span><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">首先得到当前的用户，再看此用户是否有权访问user.do?myjsp,参数就是权限，这里后台数据库就会有这么一个权限，权限表中的权限地址就是user.do?myjsp,例如我们一般的系统左边是一棵功能菜单树，树的结点会有一个url链接，这个链接就是在权限表中。当然可能前面还会一个http:\\什么的。反正这里也跟后台的权限表中的地址一致就行了，shiro他是如何授权的。一样的你调用currentUser.isPermitted("user.do?myjsp");此方法后会回调realm中的protected AuthorizationInfo doGetAuthorizationInfo( PrincipalCollection principals)方法，这个reaml类是非常重要的。这个类上面已经给出了，我们看看他是如何授权的。因为我没有连数据库，也是伪造了一个权限。如果是连数据库也很简单，用户表，角色表，权限表这三个表是有关联的，我们根据用户名就能查出此用户拥有的角色和所有的权限。&nbsp;</span><br></p>
    <p>Java代码&nbsp;&nbsp;<a title="收藏这段代码" style="color: rgb(16, 138, 198); text-decoration: underline;"><img class="star" src="http://hnbcjzj.iteye.com/images/icon_star.png" alt="收藏代码"></a></p>
    <ol class="dp-j list-paddingleft-2" style="font-size: 1em; line-height: 1.4em; margin-bottom: 1px; padding: 2px 0px; border: 1px solid rgb(209, 215, 220); list-style-position: initial; list-style-image: initial; color: rgb(43, 145, 175);">
     <li><p><span style="color: black;">Set&lt;String&gt;&nbsp;roleNames&nbsp;=&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">new</span>&nbsp;HashSet&lt;String&gt;();&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Set&lt;String&gt;&nbsp;permissions&nbsp;=&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">new</span>&nbsp;HashSet&lt;String&gt;();&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;roleNames.add(<span class="string" style="color: blue;">"admin"</span>);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;permissions.add(<span class="string" style="color: blue;">"user.do?myjsp"</span>);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;permissions.add(<span class="string" style="color: blue;">"login.do?main"</span>);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;permissions.add(<span class="string" style="color: blue;">"login.do?logout"</span>);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SimpleAuthorizationInfo&nbsp;info&nbsp;=&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">new</span>&nbsp;SimpleAuthorizationInfo(roleNames);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;info.setStringPermissions(permissions);&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">return</span>&nbsp;info;&nbsp;&nbsp;</span></p></li>
    </ol>
    <p><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">最后构造一个对象并把权限给它就OK拉。如果是数据库查出来的，直接我的字符串替成你查出来的就行了。这样在你的controller中根据权限返回到指定的页面。&nbsp;</span><br></p>
    <p>Java代码&nbsp;&nbsp;<a title="收藏这段代码" style="color: rgb(16, 138, 198); text-decoration: underline;"><img class="star" src="http://hnbcjzj.iteye.com/images/icon_star.png" alt="收藏代码"></a></p>
    <ol class="dp-j list-paddingleft-2" style="font-size: 1em; line-height: 1.4em; margin-bottom: 1px; padding: 2px 0px; border: 1px solid rgb(209, 215, 220); list-style-position: initial; list-style-image: initial; color: rgb(43, 145, 175);">
     <li><p><span style="color: black;"><span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">if</span>(currentUser.isPermitted(<span class="string" style="color: blue;">"user.do?myjsp"</span>)){&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">return</span>&nbsp;<span class="string" style="color: blue;">"/my"</span>;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;}<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">else</span>{&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="keyword" style="color: rgb(127, 0, 85); font-weight: bold;">return</span>&nbsp;<span class="string" style="color: blue;">"error/noperms"</span>;&nbsp;&nbsp;</span></p></li>
     <li><p><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;}&nbsp;&nbsp;</span></p></li>
    </ol>
    <p><br><span style="font-family: Helvetica, Tahoma, Arial, sans-serif; font-size: 14px; background-color: rgb(255, 255, 255);">没有权限就返回到没有权限的页面。那么整个权限管理系统就算是差不多了，当然还有页面标签没说，这部分不是难点，自己找找资料吧，源码我整整一并奉上。。。。。。&nbsp;</span></p>
    <p><br></p>
   </div> 
  </div>  
 </body>
</html>